<?php
/**
* Page to do the original application setup
*
* @author       Fabrice Douteaud <admin@clearbudget.net>
* @package      framework
* @access       public
*/

/***********************************************************************

  Copyright (C) 2008  Fabrice Douteaud (admin@clearbudget.net)

    This file is part of ClearBudget.

    ClearBudget is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    ClearBudget is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with ClearBudget.  If not, see <http://www.gnu.org/licenses/>.

************************************************************************/
//prevent direct access
if(!defined('ENGINEON')) die('Direct access forbidden');

$userSettings = class_settings::getInstance();

// if application is already setup we go back to the home page
if($userSettings->setupDone()) {
  $context->nextAction = 'home';
  return;
  }

// some flags
$settingsSuccess = false;

// get the user data
$username = $context->username;
$password = $context->password;
$language = $context->language;
$currency = $context->currency;
$secureAccess = $context->secureAccess;
  
// process the request
if($_SERVER["REQUEST_METHOD"]=='POST') {
  // JSON flag to true as this always returns JSON data
  self::$json = true;
  
  // if we have the request to secure the access to the site, we must have a valid username and password
  if($secureAccess == '1') {
    $userSettings->secureAccess = '1';
    // if username and password are valid
    if($username == null || $username == '' || strlen($username)<6) {
      $return['error'] = true;
      $return['msg'] = $keys->error_InvalidUsername;
      return;
      }
    else $userSettings->username = $username;
    if($password == null || $password == '' || strlen($password)<6) {
      $return['error'] = true;
      $return['msg'] = $keys->error_InvalidPassword;
      return;
      }
    else $userSettings->password = $password;
    }
  else $userSettings->secureAccess = '0';
    
  // save data if mandatory information are present
  if($language!='NULL' && $currency!='NULL' && $language!='' && $currency!='') {
    $isNewUser = true;
    if($secureAccess == '1') {
      // create the user
      $userId = $userSettings->insertUser($username, $password);
      if($userId != true) {
        $return['error'] = true;
        $return['msg'] = $keys->failure.'1';
        return;
        }
      $isNewUser = false;
      }
    
    $userSettings->currency = $currency;
    $userSettings->language = $language;
    // if user is created then we update the user settings
    $userSettings->updateUserSettings(true, $isNewUser);
    // if secure access is not requested, then we make sure that no password is in the DB
    if($secureAccess != '1') $userSettings->resetPassword();
    $return['error'] = 0;
    $return['msg'] = $keys->setupSuccess;
    }
  else {
    $return['error'] = true;
    $return['msg'] = $keys->error_MissingMandatoryUserSettings;
    return;
    }
  }
?>